How to integrate AWS CloudWatch Metric Streams with New Relic by Terraform?

In order to send some cloud watch data to New Relic via Kinesis data firehose, we have to create a log subscription filter as

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_subscription_filter

resource "aws_cloudwatch_log_subscription_filter" "test_lambdafunction_logfilter" {
  name            = "test_lambdafunction_logfilter"
  role_arn        = aws_iam_role.iam_for_lambda.arn
  log_group_name  = "/aws/lambda/example_lambda_name"
  filter_pattern  = "logtype test"
  destination_arn = aws_kinesis_stream.test_logstream.arn
  distribution    = "Random"
}

Here the destination_arn is using aws_kinesis_stream. Which can be found here. But there is an another resource named aws_kinesis_firehose_delivery_stream and it can provide http_endpoint_configuration to integrate with New Relic.

So between aws_kinesis_stream and aws_kinesis_firehose_delivery_stream, which to use?

From this article, we know it’s supporting this new HTTP endpoint: https://aws-api.newrelic.com/cloudwatch-metrics/v1
Maybe aws_kinesis_firehose_delivery_stream is the right one here.

Then is it good enough to add a aws_kinesis_firehose_delivery_stream as

resource "aws_kinesis_firehose_delivery_stream" "test_stream" {
  name        = "terraform-kinesis-firehose-test-stream"
  destination = "http_endpoint"

  http_endpoint_configuration {
    url                = "https://aws-api.newrelic.com/cloudwatch-metrics/v1"
    name               = "New Relic"
    access_key         = "my-key"
    buffering_size     = 15
    buffering_interval = 600
    role_arn           = aws_iam_role.firehose.arn
    s3_backup_mode     = "FailedDataOnly"
  }
}

finally call this resource from aws_cloudwatch_log_subscription_filter like

  destination_arn = aws_kinesis_firehose_delivery_stream.test_stream.arn

The first terraform link points to CloudWatch logs rather than metrics.
I see this resource to setup the CloudWatch metric stream: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_stream.

Then, you’d also need the Kinesis Data Firehose with HTTP destination: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream

Thank you very much for your reply.

Actually I’m using aws_kinesis_firehose_delivery_stream now. For aws_cloudwatch_log_subscription_filter I just want to add cloudwatch filter to separate logs into newrelic and s3 types.
If use aws_cloudwatch_metric_stream, I didn’t find a same feature.